> Adding a second node adds complexity

Yes, and complexity means it's harder to hack you.

> storing the key in clear text in the database

I'd store it encrypted with the passphrase.

> they cannot be re-encrypted

What do you mean?

#!/usr/bin/perl
use strict;
use warnings;

use Data::Dumper;
$Data::Dumper::Useqq = 1;

# In reality, use a better algorithm, add salt, etc.
sub encrypt {
    my ($password, $passphrase) = @_;
    my $long_passphrase = $passphrase;
    $long_passphrase .= $passphrase
        until length($password) < length $long_passphrase;
    substr $long_passphrase, -1, 1, q()
        until length($password) == length $long_passphrase;
    return $password ^ $long_passphrase
}
*decrypt = *encrypt{CODE};

# This comes from the users.
my %real_passwords = (
    john => 'pas$$w0rd',
    jane => 'bailey2012',
);

# This comes from the admin.
my $passphrase = 'Perl FTW!';

# This gets saved in the DB.
my %stored_passwords = map {
    $_ => encrypt($real_passwords{$_}, $passphrase)
} keys %real_passwords;
print Dumper \%stored_passwords;

# When changing the passphrase, just update the passwords:
my $new_passphrase = 'Invalidate all passwords!';
$_ = encrypt(decrypt($_, $passphrase), $new_passphrase)
    for values %stored_passwords;
print Dumper \%stored_passwords;

# We can now retrieve the passwords using the new passphrase.
print Dumper +{
    map {
        $_ => decrypt($stored_passwords{$_}, $new_passphrase)
    } keys %stored_passwords
};

($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord }map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,

In reply to Re^3: OT: Storing encryption keys securely by choroba
in thread OT: Storing encryption keys securely by Beatnik
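An added example, not part of choroba's post: the same passphrase change done with the "better algorithm, add salt" the code comment asks for, and with the key stored encrypted under the passphrase, so rotation re-wraps one key instead of every record. It assumes the CryptX distribution from CPAN; the helper names (seal, unseal, wrap_key, unwrap_key) and the PBKDF2 iteration count are assumptions made for illustration.

```perl
use strict;
use warnings;
use Crypt::PRNG          qw(random_bytes);
use Crypt::KeyDerivation qw(pbkdf2);
use Crypt::AuthEnc::GCM  qw(gcm_encrypt_authenticate gcm_decrypt_verify);

my $ITERATIONS = 600_000;    # assumed PBKDF2 work factor; tune to your hardware

# AES-256-GCM with a fresh random 12-byte nonce per call.
sub seal {
    my ($key, $plaintext) = @_;
    my $nonce = random_bytes(12);
    my ($ct, $tag) = gcm_encrypt_authenticate('AES', $key, $nonce, '', $plaintext);
    return { nonce => $nonce, ct => $ct, tag => $tag };
}

sub unseal {
    my ($key, $box) = @_;
    my $pt = gcm_decrypt_verify('AES', $key, $box->{nonce}, '', $box->{ct}, $box->{tag});
    die "wrong key or tampered record\n" unless defined $pt;
    return $pt;
}

# Wrap the data key under a key derived from the passphrase and a fresh salt.
sub wrap_key {
    my ($data_key, $passphrase) = @_;
    my $salt = random_bytes(16);
    my $kek  = pbkdf2($passphrase, $salt, $ITERATIONS, 'SHA256', 32);
    return { salt => $salt, %{ seal($kek, $data_key) } };
}

sub unwrap_key {
    my ($wrapped, $passphrase) = @_;
    my $kek = pbkdf2($passphrase, $wrapped->{salt}, $ITERATIONS, 'SHA256', 32);
    return unseal($kek, $wrapped);
}

# Constructed sample data, reusing the values from the post.
my %real_passwords = (john => 'pas$$w0rd', jane => 'bailey2012');
my $data_key = random_bytes(32);
my %stored   = map { $_ => seal($data_key, $real_passwords{$_}) } keys %real_passwords;
my $wrapped  = wrap_key($data_key, 'Perl FTW!');    # the DB holds only this form

# Passphrase change: re-wrap one key; the password records are untouched.
$wrapped = wrap_key(unwrap_key($wrapped, 'Perl FTW!'), 'Invalidate all passwords!');

my $key = unwrap_key($wrapped, 'Invalidate all passwords!');
print "$_ => ", unseal($key, $stored{$_}), "\n" for sort keys %stored;
print "old passphrase ", (eval { unwrap_key($wrapped, 'Perl FTW!'); 1 } ? "accepted" : "rejected"), "\n";
```

Re-wrapping changes who can unwrap the data key but not the key itself, so anyone who already obtained the data key can still read the records; retiring it means generating a new data key and re-encrypting each record.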
